PC-Merlin implements the DOS 'copy' program with data encryption. This
allows the user to copy multiple files to a target disk or directory,
encrypting the data as the copy proceeds.
Such a function is particularly useful to users who need exchange
sensitive data with remote users, or who need to keep offsite backups
of such data.
PC-Merlin encrypts data using the DES (Data Encryption Standard) algorithm
in electronic code-book mode. There is currently no known general solution
to this algorithm.
MERLIN [drive:]i_path [drive:]o_path /K:keyvalue /E or /D [/S]
[drive:]i_path The input file(s)
[drive:]o_path The output file(s)
/K:keyvalue DES cipher key
/E Encrypt the file(s)
/D Decrypt the file(s)
/S Secure erase the input after processing
The input & output files must be supplied as parameters 1 & 2 respectively.
The order in which the switches are supplied is unimportant.
The keyvalue may be entered in one of 2 forms:
1. 64 bit Hex. This is a 64 bit or 8 byte Hex value entered thus:
2. Keyphrase. This is any arbitrary sequence of characters such as
an easily remembered phrase. The minimum length allowed is 8
chars, maximum 64 chars. Two rules should be considered when
1. Easily remembered phrases are often easily guessable
2. Long phrases produce more secure keys than short ones
An example of a good (ie: secure) keyphrase would be:
The user selects the cipher function, Encrypt or Decrypt with the /E or /D
switches. /E indicates that encryption is required, /D indicates that dec-
-ryption is required. If both switches are specified, then the last one on
the command line has precedence.
It is often desirable to erase the input file after processing. This option
is selectable by specifying the /S switch. The secure erase function erases
files by repeatedly overwriting them with a changing pattern, as specified
by the US Department of Defence secure erase procedures. After the file data
has been overwritten, it is then deleted.
A user wishes to copy all data from a directory to floppy, which will be
C:> merlin c:\secrets\*.DBF a: /K:nevertalktostrangers /E
The user may choose to erase data after it has been copied thus:
C:> merlin c:\secrets\*.DBF a: /K:nevertalktostrangers /E /S
If the data had to restored from floppy, then the following command would
C:> merlin a:*.* c:\secrets\*.DBF /K:nevertalktostrangers /D